June 2013 Patch Recommendations

5 Security Bulletins were released – 1 Critical, 4 Important, and 0 Moderate

This Month In Brief

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

MS13-047 is rated Critical and patches a vulnerability in all versions of Internet Explorer. After your next patch cycle completes you should follow up and make sure this is installed. MS13-051 is also a concern. It’s rated “Important” because user interaction is required however that “interaction” is simply opening a PNG file.


Requires Restart

  • Servers: Yes
  • Workstations: Yes

New Security Bulletins

(MS#/Affected Software/Type)


MS13-047 Cumulative Security Update for Internet Explorer (2838727) (Internet Explorer) The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
KB in Kaseya: KB2838727
Affected Software: XP, Vista, Windows 7/8/RT, Server 2003, Server 2008/2008R2/2012
Known Issues per MS: https://support.microsoft.com/kb/2838727


MS13-048 Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229) (Windows kernel) The vulnerability could allow information disclosure if an attacker logs on to a system and runs a specially crafted application or convinces a local, logged-in user to run a specially crafted application.
KB in Kaseya: KB2839229
Affected Software: XP, Vista, Server 2003, Server 2008, Windows 7/8
Known Issues per MS: https://support.microsoft.com/kb/2839229
MS13-049 Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690) (Windows kernel mode driver) The vulnerability could allow denial of service if an attacker sends specially crafted packets to the server.
KB in Kaseya: KB2845690
Affected Software: Vista, Windows 7/8/RT, Server 2008/2008R2/2012
Known Issues per MS: https://support.microsoft.com/kb/2845690
MS13-050 Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894) (Print Spooler) The vulnerability could allow elevation of privilege when an authenticated attacker deletes a printer connection.
KB in Kaseya: KB2839894
Affected Software: Vista, Windows 7/8/RT, Server 2008/2008R2/2012
Known Issues per MS: https://support.microsoft.com/kb/2839894
MS13-051 Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571) (Microsoft Office) The vulnerability could allow remote code execution if a user opens a specially crafted Office document using an affected version of Microsoft Office software, or previews or opens a specially crafted email message in Outlook while using Microsoft Word as the email reader.
KB in Kaseya: KB2817421, KB2848689
Affected Software: Office 2003, Office 2011 for MAC
Known Issues per MS: https://support.microsoft.com/kb/2839571